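def obtain_ip(self):
    """Resolve ``self.base_url`` and print a short DNS lookup report.

    Prints the address from ``socket.gethostbyname``, the name from
    ``socket.getfqdn`` and every distinct address found by
    ``socket.getaddrinfo``, each address once, in the order returned.

    Returns:
        The address string returned by ``socket.gethostbyname``.

    Raises:
        socket.gaierror: Not caught here; propagates from
            ``gethostbyname``/``getaddrinfo`` when the name does not resolve.
    """
    # NOTE(review): the calls below need a bare hostname; confirm that
    # base_url is not a full URL with scheme or path.
    # The lookups block on the system resolver with no timeout set here. If
    # the host comes from a URL under analysis, the query is observable by
    # that domain's name servers, so run it from a resolver you are willing
    # to expose.
    host = self.base_url

    print("** NS Lookup Result **")
    # gethostbyname is IPv4-only; a host with only IPv6 records raises here.
    current_ip = socket.gethostbyname(host)
    print("IP Address: " + current_ip)
    print("FQDN: " + socket.getfqdn(host))

    # The positional zeros are port, family, type and proto ("any" for each).
    # Each result is (family, type, proto, canonname, sockaddr), and
    # sockaddr[0] is the address. The same address comes back once per socket
    # type, so a set keeps the printout to one line per address.
    seen = set()
    for entry in socket.getaddrinfo(host, 0, 0, 0, 0):
        ns_ip = entry[4][0]
        if ns_ip in seen:
            continue
        seen.add(ns_ip)
        # These are the host's own addresses, not name-server addresses; the
        # "NS" label is kept so the printed output stays unchanged.
        print('NS IP Address: ' + ns_ip)
    return current_ip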
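def obtain_ip(self):
    """Print a DNS lookup summary for ``self.base_url`` and return its IP.

    Output is a banner line, the ``gethostbyname`` address, the ``getfqdn``
    name, then one line per distinct address from ``getaddrinfo``.

    Returns:
        The address string returned by ``socket.gethostbyname``.

    Raises:
        socket.gaierror: Not handled here; raised by the resolver calls when
            the name cannot be resolved.
    """
    # NOTE(review): the resolver calls expect a hostname; verify that base_url
    # is not a full URL.
    # Resolving a name taken from untrusted input sends a query that the
    # domain's operator can observe, and nothing here bounds how long the
    # resolver may block.
    target = self.base_url

    print("__LOOKUP____________________________________________")
    # IPv4-only API: a name with only IPv6 records raises instead of resolving.
    current_ip = socket.gethostbyname(target)
    print("ip: " + current_ip)
    print("FQDN: " + socket.getfqdn(target))

    # Arguments after the host are port, family, type, proto (0 = any).
    # Each returned tuple is (family, type, proto, canonname, sockaddr).
    printed = set()
    for family, kind, proto, canonname, sockaddr in socket.getaddrinfo(
        target, 0, 0, 0, 0
    ):
        address = sockaddr[0]
        if address not in printed:
            # One entry per socket type shares the same address; print once.
            printed.add(address)
            print(address)
    return current_ip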
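def obtain_ip(self):
    """Look up ``self.base_url`` in DNS, print the findings, return the IP.

    Prints a banner, the address from ``socket.gethostbyname``, the name from
    ``socket.getfqdn`` and each distinct ``socket.getaddrinfo`` address once.

    Returns:
        The address string returned by ``socket.gethostbyname``.

    Raises:
        socket.gaierror: Propagates uncaught when resolution fails.
    """
    # NOTE(review): presumably base_url is a hostname rather than a URL;
    # check the caller.
    # No timeout is applied to these blocking resolver calls. When the name
    # originates from untrusted data, the lookup itself is visible to the
    # party operating that domain's DNS.
    name = self.base_url

    print("__LOOKUP____________________________________________")
    # gethostbyname does not do IPv6 resolution.
    current_ip = socket.gethostbyname(name)
    print("ip: " + current_ip)
    print("FQDN: " + socket.getfqdn(name))

    # getaddrinfo(host, port, family, type, proto): zeros mean "any".
    # Result tuples are (family, type, proto, canonname, sockaddr).
    # dict.fromkeys removes repeats while keeping the resolver's order.
    addresses = [info[4][0] for info in socket.getaddrinfo(name, 0, 0, 0, 0)]
    for address in dict.fromkeys(addresses):
        print(address)
    return current_ip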
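def statistical_report(url, tldextract_output):
    """Flag a URL that matches a hard-coded list of reported domains or IPs.

    Args:
        url: URL string to inspect.
        tldextract_output: Object exposing ``subdomain``, ``domain`` and
            ``suffix`` attributes describing the URL's host.

    Returns:
        -1 when ``url`` contains one of the listed domain strings or the host
        resolves to one of the listed addresses; 1 otherwise, including when
        the host cannot be resolved.
    """
    # NOTE(review): an earlier revision overwrote this list with [] before
    # use, and its loop read an undefined name inside a bare `except: pass`,
    # so the IP check never fired. Confirm the check is meant to be active.
    # The addresses are a point-in-time snapshot; IPs get reassigned and
    # shared hosts serve unrelated sites, so treat a hit as a weak signal and
    # refresh the list from its source.
    topips = frozenset((
        '64.70.19.203', '216.218.185.162', '172.217.14.161', '175.126.123.219',
        '156.251.148.212', '54.83.43.69', '47.91.170.222', '173.230.141.80',
        '103.44.28.169', '103.44.28.181', '108.61.203.22', '23.20.239.12',
        '153.92.0.100', '141.8.224.221', '184.168.131.241', '122.10.109.175',
        '209.202.252.66', '199.59.242.153', '69.172.201.153', '91.227.52.108',
        '35.186.238.101', '185.164.136.124', '69.16.230.42', '18.216.20.136',
        '211.231.99.250', '59.188.232.88', '160.121.242.52', '91.195.240.126',
        '37.157.192.102', '67.227.226.240', '52.58.78.16', '198.11.172.242',
        '3.234.181.234', '172.120.69.45', '204.95.99.26', '193.109.247.10',
        '52.69.166.231', '23.89.1.166', '18.211.9.206', '72.52.178.23',
        '204.11.56.48', '193.109.247.224', '47.75.126.218', '156.234.215.125',
        '23.253.126.58', '23.236.62.147', '47.245.9.22', '104.239.157.210',
        '208.91.197.46', '209.99.40.223',
    ))
    topdomains = (
        "docs.google.com", "storage.googleapis.com",
        "firebasestorage.googleapis.com", "cheaproomsvalencia.com",
        "playarprint.com", "forms.office.com", "bit.ly", "sites.google.com",
        "ivanidzakovic.com", "drive.google.com", "forms.gle", "codesandbox.io",
        ".sharepoint.com", "onedrive.live.com", "advonationusa.com",
        "infopublishersassociation.com", "vmorefraud.com", "stolizaparketa.ru",
        "mytanfarma.com", "zohard.com", "southcountyclassified.com",
        "tptelecom", "tinyurl.com",
    )

    # String check first: a hit returns the same -1 without any DNS query for
    # a possibly hostile name.
    # NOTE(review): this is a substring test over the whole URL, so an entry
    # also matches inside a path, a query string or a longer hostname.
    # Matching against the parsed host would be stricter; behaviour is kept.
    if any(domain in url for domain in topdomains):
        return -1

    # Join only the non-empty parts: an empty subdomain or suffix would
    # otherwise produce a leading or trailing dot and fail resolution.
    parts = (
        tldextract_output.subdomain,
        tldextract_output.domain,
        tldextract_output.suffix,
    )
    host = '.'.join(part for part in parts if part)
    if not host:
        return 1

    try:
        # Positional zeros are port, family, type, proto ("any"). This call
        # blocks on the system resolver and no timeout is set here.
        answers = socket.getaddrinfo(host, 0, 0, 0, 0)
    except (OSError, UnicodeError):
        # Best effort: an unresolvable or malformed host gives no IP evidence.
        # socket.gaierror is a subclass of OSError.
        return 1

    # sockaddr is the last item of each result and its first field is the IP.
    resolved = {answer[-1][0] for answer in answers}
    return 1 if resolved.isdisjoint(topips) else -1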